Cybersecurity

Cyberattacks are a very real threat in our modern world – and nobody is immune to being a target! Join us via the Internet on September 28, 2017 for a better understanding of (and appreciation for) the cybersecurity issues that threaten your clients every single day and how you can protect them. Attorneys with basic to intermediate practice experience who attend this online seminar will learn: the types of cyber threats that may impact your client; how cyber threats arise; how to use cyber insurance to mitigate against potential exposures; what is covered by cyber insurance policies; the legal and ethical obligations you and your client have regarding the safeguarding of electronically-stored information; and how to address a cyberattack if it occurs.

The program is presented by the ISBA Insurance Law Section and qualifies for 2.25 hours MCLE credit, including 0.75 hour Professional Responsibility MCLE credit(subject to approval).

"Lawyers have an ethical obligation to protect their clients' information," and in this day and age that means electronically stored information, observes ISBA Intellectual Property Section Council member Margo Lynn Hablutzel in the March Illinois Bar Journal. With that in mind, she offers 10 cybersecurity tips for lawyers to consider.

1. Change the factory password on a device to something different and uncommon "so hackers don't gain access through factory-installed passwords."

2. Change passwords often.

3. Use strong passwords that include"a combination of letters (sometimes requiring both upper- and lowercase letters), numbers, and symbols."

4. Consider using dual authentication, which "requires two items to confirm a person's right to access your systems, the simplest being an email address and a password."

5. Limit file access to those who need it. "Some firms set up secure areas for major clients which are accessible to only specific persons from both the firm and the client," Hablutzel writes.

6. Disable passwords when someone leaves the firm.

7. Plan for a cyberattack or breakdown as you would for other disasters.

8. Train your team to avoid spoofing and phishing and to "'trust but verify' before clicking on a link or sending out any information."